mptcpanalyzer: A Multipath TCP analyzer

[ gpl, library, network, program ]

mptcpanalyzer is a multipath TCP (www.multipath-tcp.org) protocol analyzer. Multipath TCP is an extension of the Transmission Control Protocol that allows applications to send one single stream of data over multiple TCP connections.

This software can automatically plot MPTCP characteristics such as Data Sequence Numbers, Data Acknowledgements etc. It can also map one packet capture to another to give more detailed statistics such as One-Way delays and reinjection qualifications.

  • list the MPTCP connections in the pcap

  • display chosen statistics on a specific MPTCP connection (list of subflows, number of reinjections, etc)

  • convert packet capture files (*.pcap) to *.csv files

  • plot data sequence numbers, dataacks for all subflows

  • can map packets between the client and server pcaps to plot one-way delays


Modules

  • MptcpAnalyzer
    • MptcpAnalyzer.ArtificialFields
    • MptcpAnalyzer.Cache
    • MptcpAnalyzer.Debug
    • MptcpAnalyzer.Frame
    • MptcpAnalyzer.Loader
    • MptcpAnalyzer.Map
    • MptcpAnalyzer.Merge
    • MptcpAnalyzer.Pcap
    • MptcpAnalyzer.Plots
      • MptcpAnalyzer.Plots.Live
      • MptcpAnalyzer.Plots.Stream
      • MptcpAnalyzer.Plots.Types
    • MptcpAnalyzer.Prelude
    • MptcpAnalyzer.Stats
    • MptcpAnalyzer.Stream
    • MptcpAnalyzer.Types
    • MptcpAnalyzer.Units
    • Utils
      • MptcpAnalyzer.Utils.Completion
      • MptcpAnalyzer.Utils.Text
  • Net
    • Mptcp
      • Net.Mptcp.Stats
    • Tcp
      • Net.Tcp.Stats
  • Tshark
    • Tshark.Capture
    • Tshark.Fields
    • Tshark.Interfaces
    • Tshark.Live
    • Tshark.Main
    • Tshark.Sharkd
    • Tshark.TH

Flags

Automatic Flags
Name          Description          Default
withpolysemy  Add polysemy plugin  Enabled
dev           Relax constraints    Enabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag.

Versions: 0.0.2.0
Change log: CHANGELOG
Dependencies: aeson, aeson-extra, aeson-pretty, ansi-terminal, base (>=4.12), bytestring, Cabal, cereal, Chart (>=1.5), Chart-cairo, containers, directory, filepath, foldl, formatting, Frames, ghci-dap, hashable, haskeline (>=0.8.0.0), haskell-dap, haskell-debug-adapter, ip, lens, mptcp, mptcp-pm (>=0.0.4), mptcpanalyzer, mtl, network, optparse-applicative, pipes, pipes-parse, pipes-safe, polysemy, polysemy-log (>=0.2.2.4), polysemy-log-co, polysemy-plugin, process, readable, template-haskell, temporary, text, time, transformers, unix, utf8-string, vector, vinyl, wide-word
License: GPL-3.0-only
Author: Matthieu Coudron
Maintainer: teto
Category: Network
Home page: https://github.com/teto/quantum
Source repo: head: git clone https://github.com/teto/quantum
Uploaded: by teto at 2022-01-05T04:12:12Z
Distributions: NixOS:0.0.2.0
Executables: mptcpanalyzer
Downloads: 21 total (3 in the last 30 days)
Status: Docs not available
All reported builds failed as of 2022-01-05 (2 reports)

Readme for mptcpanalyzer-0.0.2.0

Presentation

Mptcpanalyzer is a tool designed to help with MPTCP pcap analysis (like mptcptrace, for instance).

It accepts packet capture files (*.pcap) as inputs and from there you can:

  • list MPTCP connections
  • compute statistics on a specific MPTCP connection (list of subflows, reinjections, subflow actual contributions...)
  • export a CSV file with MPTCP fields
  • plot one way delays
  • ...

Commands are self-documented. The interpreter offers autocompletion and can generate and display plots.

cabal configure --enable-profiling
cabal run mptcpanalyzer "load-pcap examples/client_2_filtered.pcapng" -- +RTS -xc

Installation

You will need Wireshark version >= 3.6.0.

Until changes are upstreamed, you will need this fork of optparse-applicative

How to use

mptcpanalyzer can run in 2 modes:

  1. interactive mode (default): an interpreter with some basic completion will accept your commands. There is also interactive help.
  2. otherwise, it will treat the unknown arguments as one command, the same one that could be used interactively

For example, we can load mptcp pcaps (available at wireshark wiki or in this folder).

mptcpanalyzer "map-tcp examples/client_2_filtered.pcapng examples/server_2_filtered.pcapng 0"
mptcpanalyzer "load-pcap examples/client_2_filtered.pcapng"

or for a live analysis:

plot-mptcp-live 10.0.0.1 10.0.0.2 33784 5201 client lo -f examples/client_2_cleaned_start.pcapng

See this blog for more tutorials about mptcpanalyzer.

NB: in a local repository, you can run the previous command prefixed with mptcpanalyzer$ cabal run -- COMMAND.

How to develop/contribute

See CONTRIBUTING.

Dependencies

Roadmap

  • improve caching
  • improve autocompletion
  • live statistics/plotting
  • plugins ?
  • ability to leverage the API in ihaskell ?

Related tools

Similar software:

Tool        Description
mptcptrace  C based: an example
mptcpplot   C based, developed at NASA: generated output example

Acknowledgements

This project is funded by NGI pointer.

wireshark-mptcp: https://www.wireshark.org/docs/dfref/m/mptcp.html
polysemy: https://hackage.haskell.org/package/polysemy
diagrams: https://hackage.haskell.org/package/diagrams
frames: https://hackage.haskell.org/package/Frames
shelltestrunner: https://github.com/simonmichael/shelltestrunner